Learning Review

Security checks across malware telemetry and agentic risk

Overview

This self-improvement skill is understandable, but it can persistently change learning and agent-behavior files without clearly requiring user approval first.

Install only if you want an agent to maintain persistent learning notes. Before using it, require the agent to show proposed changes before editing AGENTS.md, TOOLS.md, SOUL.md, MEMORY.md, memory files, or extracted skills, and consider keeping logs in a dedicated .learnings directory unless you approve promotion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly directs automatic writes to multiple workspace files, including AGENTS.md, TOOLS.md, SOUL.md, MEMORY.md, and memory/ reports, without requiring user confirmation or presenting a write-scope warning. In an agent setting, silent self-modification and persistent file writes can alter future behavior, pollute memory, or overwrite important configuration based on potentially low-quality or adversarially influenced learning content.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal